package com.dinglian.ots.interceptor;

import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.dinglian.ots.common.EncryptHelper;
import com.dinglian.ots.common.model.Constant;
import com.dinglian.ots.common.model.RequestHelper;
import com.dinglian.ots.dao.model.User;
import com.dinglian.ots.exception.GlobalException;
import com.dinglian.ots.redis.RedisService;
import com.dinglian.ots.redis.SessionKey;
import com.dinglian.ots.redis.TokenMapKey;
import com.dinglian.ots.redis.UserKey;
import com.dinglian.ots.result.CodeMsg;
import com.dinglian.ots.vo.user.UserVo;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

import static org.apache.commons.lang3.StringUtils.isNotBlank;

public class AdminInterceptor implements HandlerInterceptor {

    @Autowired
    private RedisService redisService;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        try {
            Session session = SecurityUtils.getSubject().getSession();
            UserVo userVo  = (UserVo) session.getAttribute(Constant.SESSION_USER);
            if (userVo!=null){
                String roleName = userVo.getRoleName();
                if (!Constant.ADMIN_ROLE_NAME.equals(roleName)){
                    response.sendRedirect(request.getContextPath() + "/admin/login");
                    return false;
                }
            }

            String sessionId = (String) session.getId();
            String authJson = redisService.get(TokenMapKey.getKey, EncryptHelper.SHA1(userVo.getUsername()), String.class);
            if (isNotBlank(authJson)) {
                JSONObject authInfo = JSONObject.parseObject(authJson);
                String cacheSessionId = authInfo.getString("sessionId");
                // 判断sessionid是否一致
                if (!sessionId.equals(cacheSessionId)) {
                    response.sendRedirect(request.getContextPath() + "/admin/login");
                    return false;
                }
            } else {
                response.sendRedirect(request.getContextPath() + "/admin/login");
                return false;
            }

            if (userVo == null) {
                response.sendRedirect(request.getContextPath() + "/admin/login");
                return false;
            }

            session.setAttribute(Constant.SESSION_USER,userVo);

            return true;
        } catch (GlobalException e) {
            response.sendRedirect(request.getContextPath() + "/admin/login");
        } catch (Exception e) {
            response.sendRedirect(request.getContextPath() + "/admin/login");
        }
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
